Adds permission API procs (quay#1201)

Co-authored-by: Steven Smith <[email protected]>

Author: stevsmit

api/master.adoc

@@ -87,9 +87,10 @@ include::modules/org-team-member-api.adoc[leveloffset=+3]
 include::modules/org-application-create-api.adoc[leveloffset=+3]
 //proxy-cache
 include::modules/org-proxy-cache-configuration-api.adoc[leveloffset=+3]
-
-
-
+//permission
+include::modules/repo-permission-api.adoc[leveloffset=+2]
+include::modules/user-permissions-repo.adoc[leveloffset=+3]
+include::modules/team-permissions-api.adoc[leveloffset=+3]
 
 // team member management?
 include::modules/managing-team-members-api.adoc[leveloffset=+3]

modules/repo-permission-api.adoc

@@ -0,0 +1,6 @@
+[id="repo-permission-api"]
+= Managing repository permissions by using the {productname} API
+
+Repository permissions can be managed by using the {productname} API. For example, you can create, view, and delete user and team permissions.
+
+The following procedures show you how to manage repository permissions by using the {productname} API.

modules/team-permissions-api.adoc

@@ -0,0 +1,70 @@
+// module included in the following assemblies:
+
+// * use_quay/master.adoc
+
+:_content-type: CONCEPT
+[id="repo-manage-team-permissions"]
+= Managing team permissions by using the {productname} API
+
+Use the following procedure to manage team permissions by using the {productname} API.
+
+. Permissions for a specified team can be returned by using the link:https://docs.redhat.com/en/documentation/red_hat_quay/3.13/html-single/red_hat_quay_api_guide/index#getteampermissions[`GET /api/v1/repository/{repository}/permissions/team/{teamname}`] endpoint:
++
+[source,terminal]
+----
+$ curl -X GET \
+  -H "Authorization: Bearer <access_token>" \
+  "https://quay-server.example.com/api/v1/repository/<namespace>/<repository>/permissions/team/<teamname>"
+----
++
+.Example output
++
+[source,terminal]
+----
+{"role": "write"}
+----
+
+. Permissions for all teams can be returned with the link:[`GET /api/v1/repository/{repository}/permissions/team/`] endpoint. For example:
++
+[source,terminal]
+----
+$ curl -X GET \
+  -H "Authorization: Bearer <access_token>" \
+  "https://quay-server.example.com/api/v1/repository/<namespace>/<repository>/permissions/team/"
+----
++
+.Example output
++
+[source,terminal]
+----
+{"permissions": {"ironmanteam": {"role": "read", "name": "ironmanteam", "avatar": {"name": "ironmanteam", "hash": "8045b2361613622183e87f33a7bfc54e100a41bca41094abb64320df29ef458d", "color": "#969696", "kind": "team"}}, "sillyteam": {"role": "read", "name": "sillyteam", "avatar": {"name": "sillyteam", "hash": "f275d39bdee2766d2404e2c6dbff28fe290969242e9fcf1ffb2cde36b83448ff", "color": "#17becf", "kind": "team"}}}}
+----
+
+. Permissions for a specified team can be changed by using the link:https://docs.redhat.com/en/documentation/red_hat_quay/3.13/html-single/red_hat_quay_api_guide/index#changeteampermissions[`PUT /api/v1/repository/{repository}/permissions/team/{teamname}`] command. For example:
++
+[source,terminal]
+----
+$ curl -X PUT \
+  -H "Authorization: Bearer <access_token>" \
+  -H "Content-Type: application/json" \
+  -d '{"role": "<role>"}' \
+  "https://quay-server.example.com/api/v1/repository/<namespace>/<repository>/permissions/team/<teamname>"
+----
++
+.Example output
++
+[source,terminal]
+----
+{"role": "admin", "name": "superteam", "avatar": {"name": "superteam", "hash": "48cb6d114200039fed5c601480653ae7371d5a8849521d4c3bf2418ea013fc0f", "color": "#9467bd", "kind": "team"}}
+----
+
+. Team permissions can be deleted with the link:https://docs.redhat.com/en/documentation/red_hat_quay/3.13/html-single/red_hat_quay_api_guide/index#deleteteampermissions[`DELETE /api/v1/repository/{repository}/permissions/team/{teamname}`] command. For example:
++
+[source,terminal]
+----
+$ curl -X DELETE \
+  -H "Authorization: Bearer <access_token>" \
+  "https://quay-server.example.com/api/v1/repository/<namespace>/<repository>/permissions/team/<teamname>"
+----
++
+This command does not return output in the CLI.

modules/user-permissions-repo.adoc

@@ -0,0 +1,88 @@
+// module included in the following assemblies:
+
+// * use_quay/master.adoc
+
+:_content-type: CONCEPT
+[id="repo-manage-user-permissions"]
+= Managing user permissions by using the {productname} API
+
+Use the following procedure to manage user permissions by using the {productname} API.
+
+.Procedure
+
+. Use the link:https://docs.redhat.com/en/documentation/red_hat_quay/3.13/html-single/red_hat_quay_api_guide/index#getuserpermissions[`GET /api/v1/repository/{repository}/permissions/user/{username}`] endpoint to obtain repository permissions for a user. For example:
++
+[source,terminal]
+----
+$ curl -X GET \
+  -H "Authorization: Bearer <access_token>" \
+  "https://quay-server.example.com/api/v1/repository/<repository_path>/permissions/user/<username>"
+----
++
+.Example output
++
+[source,terminal]
+----
+$ {"role": "read", "name": "testuser", "is_robot": false, "avatar": {"name": "testuser", "hash": "f660ab912ec121d1b1e928a0bb4bc61b15f5ad44d5efdc4e1c92a25e99b8e44a", "color": "#6b6ecf", "kind": "user"}, "is_org_member": false}
+----
+
+. All user permissions can be returned with the link:https://docs.redhat.com/en/documentation/red_hat_quay/3.13/html-single/red_hat_quay_api_guide/index#listrepouserpermissions[`GET /api/v1/repository/{repository}/permissions/user/`] endpoint:
++
+[source,terminal]
+----
+$ curl -X GET \
+  -H "Authorization: Bearer <access_token>" \
+  "https://quay-server.example.com/api/v1/repository/<namespace>/<repository>/permissions/user/"
+----
++
+.Example output
++
+[source,terminal]
+----
+{"permissions": {"quayadmin": {"role": "admin", "name": "quayadmin", "is_robot": false, "avatar": {"name": "quayadmin", "hash": "6d640d802fe23b93779b987c187a4b7a4d8fbcbd4febe7009bdff58d84498fba", "color": "#f7b6d2", "kind": "user"}, "is_org_member": true}, "test+example": {"role": "admin", "name": "test+example", "is_robot": true, "avatar": {"name": "test+example", "hash": "3b03050c26e900500437beee4f7f2a5855ca7e7c5eab4623a023ee613565a60e", "color": "#a1d99b", "kind": "robot"}, "is_org_member": true}}}
+----
+
+. Alternatively, you can use the link:https://docs.redhat.com/en/documentation/red_hat_quay/3.13/html-single/red_hat_quay_api_guide/index#getusertransitivepermission[`GET /api/v1/repository/{repository}/permissions/user/{username}/transitive`] endpoint to return only the repository permission for the user:
++
+[source,terminal]
+----
+$ curl -X GET \
+  -H "Authorization: Bearer <access_token>" \
+  "https://quay-server.example.com/api/v1/repository/<repository_path>/permissions/user/<username>/transitive"
+----
++
+.Example output
++
+[source,terminal]
+----
+{"permissions": [{"role": "admin"}]}
+----
+
+. You can change the user's permissions, such as making the user an `admin` by using the link:https://docs.redhat.com/en/documentation/red_hat_quay/3.13/html-single/red_hat_quay_api_guide/index#changeuserpermissions[`PUT /api/v1/repository/{repository}/permissions/user/{username}`] endpoint. For example:
++
+[source,terminal]
+----
+$ curl -X PUT \
+  -H "Authorization: Bearer <access_token>" \
+  -H "Content-Type: application/json" \
+  -d '{"role": "<role>"}' \
+  "https://quay-server.example.com/api/v1/repository/<repository_path>/permissions/user/<username>"
+----
++
+.Example output
++
+[source,terminal]
+----
+{"role": "admin", "name": "testuser", "is_robot": false, "avatar": {"name": "testuser", "hash": "f660ab912ec121d1b1e928a0bb4bc61b15f5ad44d5efdc4e1c92a25e99b8e44a", "color": "#6b6ecf", "kind": "user"}, "is_org_member": false}
+----
+
+. User permissions can be deleted by using the link:https://docs.redhat.com/en/documentation/red_hat_quay/3.13/html-single/red_hat_quay_api_guide/index#deleteuserpermissions[`DELETE /api/v1/repository/{repository}/permissions/user/{username}`] endpoint. For example:
++
+[source,terminal]
+----
+$ curl -X DELETE \
+  -H "Authorization: Bearer <access_token>" \
+  "https://quay-server.example.com/api/v1/repository/<namespace>/<repository>/permissions/user/<username>"
+----
++
+This command does not return output.